Here we are, smug in our confidence that our Mac computers are immune to malware. This is because of the inherent superiority of the Apple operating system, right? Wrong. Numerous vulnerabilities have been reported and patched in recent years. Without these patches, the Mac OS would be just as vulnerable as Windows. That is why Apple issues patches so regularly.

But hardly anybody writes malware for Apple machines because they are only a small fraction of the world’s computers and the universe of Windows machines is a larger and juicier target, right? Wrong. The installed base of Apple computers has reached a critical mass and is now attractive to sinister elements who write malware.

Most Mac users take security too lightly, and are proud of the fact that they don’t run any security at all. This open door will someday be exploited. Let this be our wake-up call.

A single update package for Mac OS X 10.6.7 dated April 2011 listed nine separate flaws in the operating system that could be exploited by malware. Every one of the vulnerabilities had existed for a minimum of 18 months before being patched, and every one was capable of executing hostile code on an unprotected system with little or no user interaction. Simply downloading a document, viewing a movie or visiting a website can start the process.

In general, there are three types of malware: viruses, Trojans, and worms.

A virus is a piece of software that attaches itself to another program (the host) and uses the ability of the host to replicate itself. A computer virus has two functions: to replicate itself and to execute its payload, which can range from merely annoying graffiti to functions such as erasing the entire system and stealing personal information. The virus executes when the host program executes.

A Trojan, or more properly a Trojan horse, also carries payload code. The malware enters the user’s system by posing as something the user wants. Once the user executes the malware on their computer, the hidden payload can perform the function desired by the malware author. Defense against a Trojan is difficult because it depends for the most part on the awareness (paranoia?) of the user.

A worm is similar to a virus in that it self-replicates. It is different in that it does not require a host program to exist. A worm can work its way through a network leaving copies of itself until it uses up enough of the network’s resources to shut it down.

A Trojan that is widely available is MacDefender (aka MacProtector, aka MacSecurity). Purporting to be free virus protection software, it spreads through search engine optimization poisoning. If you see an ad that says “you have a virus, click here to clean your machine” or “click here and we’ll check you for malware” or “click here to make your computer run faster,” the site behind it is enticing you to install its malware.

In more innocent times, malware was written by hackers who wanted to demonstrate that they could, in fact, write a piece of software that would distribute itself worldwide in a relatively short time. These early attempts were sometimes cute, sometimes mildly annoying, but other times nothing short of vandalism. Fortunately, this level of malware was easily detected and cleaned by virus protection programs such as those published by Norton and McAfee.

Today’s malware is much more sophisticated and pernicious, attempting to steal personal data, passwords, bank and credit card account numbers and more. These attacks are usually run by organized crime rings out of countries in the former Soviet Union where information technology regulations and enforcement are more lax. These criminals are committing mass fraud and extortion across the global digital marketplace.

A large part of the problem now is the existence and availability (for a price) of point-and-click malware generators – SpyEye and Zeus – that can target both Windows and Mac machines, and browsers that include Internet Explorer, Safari, Firefox, and soon Chrome. Seeing the first DIY malware kit for the OS X platform marks a tipping point. Online criminals are embracing the slow decline of the Windows monopoly and the steady rise of alternative platforms.

But the Apple Mac OS X environment has both strengths and weaknesses. The situation has become lopsided: the strengths are very strong, and the weaknesses are becoming increasingly obvious. Consider enhancing your defenses with Intego’s VirusBarrier, Sophos and MacScan. These are three of several that have free demo versions. And back up, back up, back up.

Stan Elias writes on business and technology issues and operates Tensor Communications, a West Barnstable-based marketing and communications agency specializing in high-tech companies.